A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report
November 05, 2025
5:43
0.95 MB ( 3.84 MB less)
Downloads: 0
Updates to Domainname API
Some updates to our domainname API will make it more flexible and make it easier and faster to get the complete dataset.
https://isc.sans.edu/diary/Updates%20to%20Domainname%20API/32452
Microsoft Teams Impersonation and Spoofing Vulnerabilities
Checkpoint released details about recently patched spoofing and impersonation vulnerabilities in Microsoft Teams
https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/
NViso Report: VSHELL
NViso published an amazingly detailed report describing the remote control implant VSHELL. The report includes details about the inner workings of the tool as well as detection ideas.
https://www.nviso.eu/blog/nviso-analyzes-vshell-post-exploitation-tool